Building the IP Acquisition Table
So far, this affiliate has explained how to anatomy BGP acquaintance relationships, how to inject routes
into the BGP table, and how BGP routers accept which routes to bear to adjoining routers.
Part of that argumentation relates to how the BGP accommodation activity selects a router’s best avenue to each
prefix, with the added brake that the NEXT_HOP charge be attainable afore the avenue can be
considered as a best route.
This area completes the aftermost footfall in BGP’s ultimate goal—adding the adapted routes to the
IP acquisition table. In its simplest form, BGP takes the already articular best BGP routes for each
prefix and adds those routes to the IP acquisition table. However, there are some additional
restrictions, mainly accompanying to authoritative ambit (AD) (for eBGP and iBGP routes) and BGP
synchronization (iBGP routes only). The sections that chase detail the exceptions.
Adding eBGP Routes to the IP Acquisition Table
Cisco IOS software uses simple argumentation aback free which eBGP routes to add to the IP
routing table. The alone two requirements are as follows:
■ The eBGP avenue in the BGP table is advised to be a “best” route.
■ If the aforementioned prefix has been abstruse via accession IGP or via changeless routes, the AD for BGP
external routes charge be lower than the ADs for added acquisition source(s).
By default, Cisco IOS considers eBGP routes to accept AD 20, which gives eBGP routes a better
(lower) AD than any added activating acquisition protocol’s absence AD (except for the AD 5 of EIGRP
summary routes). The account abaft the absence is that eBGP-learned routes should never be
Building the IP Acquisition Table 377
prefixes from aural an AS. Under accustomed conditions, eBGP-learned prefixes should hardly be
seen as IGP-learned routes as well, but aback they are, the BGP avenue would win by default.
BGP sets the AD abnormally for eBGP routes, iBGP routes, and for bounded (locally injected)
routes—with defaults of 20, 200, and 200, respectively. These ethics can be overridden in two
ways, both constant with the advantage of AD in Affiliate 10:
■ By application the ambit bgp external-distance internal-distance local-distance BGP
subcommand, which allows the simple ambience of AD for eBGP-learned prefixes, iBGPlearned
prefixes, and prefixes injected locally, respectively.
■ By alteration the AD application the ambit {ip-address {wildcard-mask}} [ip-standard-list | ipextended-
list] BGP subcommand
Similar commands were covered in the Affiliate 10 area “Preventing Suboptimal Routes by
Setting the Authoritative Distance.” With BGP, the IP abode and wildcard affectation accredit to the IP
address acclimated on the acquaintance command for that accurate neighbor, not the BGP RID or
NEXT_HOP of the route. The ACL examines the BGP routes accustomed from the neighbor,
assigning the authentic AD for any routes analogous the ACL with a admittance action.
Finally, a quick agenda is bare about the absolute IP avenue added to the IP acquisition table. The route
contains the exact aforementioned prefix, prefix length, and next-hop IP abode as listed in the BGP table—
even if the NEXT_HOP PA is an IP abode that is not in a affiliated network. As a result, the IP
forwarding activity may crave a recursive avenue lookup. Archetype 11-12 shows such a case on
R3, area the three BGP routes anniversary account a abutting hop of 1.1.1.1, which happens to be a loopback
interface on R1. As you can see from Amount 11-4, R3 and R1 accept no interfaces in common. The
route to 1.1.1.1 lists the absolute next-hop IP abode to which a packet would be forwarded.
Backdoor Routes
Having a low absence AD (20) for eBGP routes can account a botheration in some topologies. Amount 11-6
shows a archetypal case, in which Enterprise 1 uses its eBGP avenue to adeptness arrangement 99.0.0.0 in
Enterprise 2. However, the two enterprises appetite to use the OSPF-learned avenue via the busy line
between the two companies.
Example 11-12 R3 Routes with Next-Hop 1.1.1.1, Requiring Recursive Avenue Lookup
! Packets forwarded to 31.0.0.0/8 bout the aftermost route, with next-hop 1.1.1.1; R3
! afresh finds the avenue that matches destination 1.1.1.1 (the aboriginal route), finding
! the adapted next-hop IP abode and approachable interface.
R3# appearance ip avenue | incl 1.1.1.1
D 1.1.1.1 [90/2809856] via 10.1.23.2, 04:01:44, Serial0/0/1
B 32.1.1.0/24 [200/156160] via 1.1.1.1, 00:01:00
B 32.0.0.0/8 [200/0] via 1.1.1.1, 00:01:00
B 31.0.0.0/8 [200/156160] via 1.1.1.1, 00:01:00
378 Affiliate 11: BGP
Figure 11-6 The Charge for BGP Backdoor Routes
R1 uses its eBGP avenue to adeptness 99.0.0.0 because eBGP has a lower AD (20) than OSPF (110).
One band-aid would be to configure the ambit command to lower the AD of the OSPF-learned
route. However, BGP offers an affected band-aid to this accurate botheration through the use of the
network backdoor command. In this case, if R1 configures the arrangement 99.0.0.0 backdoor
router BGP subcommand, the afterward would occur:
■ R1 would use the bounded AD (default 200) for the eBGP-learned avenue to arrangement 99.0.0.0.
■ R1 does not acquaint 99.0.0.0 with BGP.
Given that logic, R1 can use a arrangement backdoor command for anniversary prefix for which R1 needs
to use the clandestine articulation to adeptness Enterprise 2. If the OSPF avenue to anniversary prefix is up and working,
R1 uses the OSPF (AD 110) avenue over the eBGP-learned (AD 200) avenue through the Internet. If
the OSPF avenue is lost, the two companies can still acquaint through the Internet.
Adding iBGP Routes to the IP Acquisition Table
Cisco IOS has the aforementioned two requirements for abacus iBGP routes to the IP acquisition table as it does
for eBGP routes:
■ The avenue charge be the best BGP route.
■ The avenue charge be the best avenue (according to the AD) in allegory with added routing
sources.
ASN 1
Enterprise 1
ASN 2
Enterprise 2
ASN 101
ISP 1
ASN 102
ISP 2
R1
R3
R2
Network
99.0.0.0/8
R3 EBGP –
99.0.0.0/8
EBGP –
99.0.0.0/8
EBGP –
99.0.0.0/8
OSPF –
99.0.0.0/8
Use AD 20
EBGP Route!
Building the IP Acquisition Table 379
Additionally, for iBGP-learned routes, IOS considers the abstraction of BGP synchronization.
With BGP synchronization (often alleged sync) disabled application the no synchronization command,
BGP uses the aforementioned argumentation for iBGP routes as it does for eBGP routes apropos which routes to add
to the IP acquisition table. However, enabling BGP accompany (with the synchronization BGP subcommand)
prevents a brace of problems accompanying to IP routing. Amount 11-7 shows the capacity of aloof such a
problem. In this case, accompany was afield disabled in ASN 678, creating a atramentous hole.
Figure 11-7 Problem: Acquisition Atramentous Aperture Due to Not Application BGP Sync
The afterward account takes a consecutive appearance of what occurs aural BGP in Amount 11-7:
1. R5 adds two prefixes (21.0.0.0/8 and 22.2.2.0/24) into its BGP table application two network
commands.
2. R5 advertises the prefixes to R7, but does not redistribute the routes into its IGP.
3. R7 advertises the prefixes to R6.
4. R6, with synchronization disabled, considers the routes as “best,” so R6 adds the routes to its
routing table.
5. R6 additionally advertises the two prefixes to R1.
R5
ASN 678
ASN 123 ASN 45
R6 R8 R7
21.1.1.5/8
22.2.2.5/24
Injected via
network
Command
With “no sync”:
Adds routes to
21.0.0.0/8 and
22.2.2.0/24.
R8: RIP Only
– No routes to
21.0.0.0/8 or
22.2.2.0/24.
1
2
3
4
5
10.1.68.8
Discard packets beatific to
21.1.1.5 and 22.2.2.5.
A
A Atramentous Aperture B Misleading Update
B
Update: I can
reach 21.0.0.0/8
and 22.2.2.0/24.
R2
R3 R4
R1
380 Affiliate 11: BGP
Two accompanying problems (labeled A and B in the figure) absolutely action in this case. The acquisition black
hole occurs because R8 does not accept a avenue to either of the prefixes advertised by BGP. R8 is not
running BGP—a accepted accident for a router that does not anon affix to an eBGP peer.
R7 did not redistribute those two prefixes into the IGP; as a result, R8 cannot avenue packets for
those prefixes. R6, and possibly routers in AS 123, try to advanced packets destined to the two
prefixes through AS 678, but R8 discards the packets—hence the atramentous hole.
The added accompanying problem, labeled B, occurs at Footfall 5. R6 affronted the acquisition black-hole
problem by announcement to accession AS (AS 123) that it could adeptness the prefixes. R6 considers its
routes to 21.0.0.0/8 and 22.2.2.0/24 as “best” routes in its BGP table, so R6 afresh advertises those
routes to R1. Depending on the cartography and PA settings, R1 could accept advised these routes
as its best routes—thereby sending packets destined for those prefixes into AS 678. (Assuming the
configuration as apparent in the antecedent examples, R1 would absolutely accept the 1 AS_PATH
through R3 to AS 45 as the best path.)
The solutions to these problems are varied, but all the solutions aftereffect in the centralized routers (for
example, R8) acquirements the routes to these prefixes, thereby removing the atramentous aperture and removing
the abrogating aftereffect of announcement the route. The aboriginal band-aid to this botheration involves the use
of BGP synchronization, forth with redistributing BGP routes into the IGP. However, two later
solutions accommodate bigger options today:
■ BGP avenue reflectors
■ BGP confederations
The abutting several sections awning all of these options.
Using Accompany and Redistributing Routes
BGP synchronization is best accepted aback advised in the ambience in which it was intended
to be used—namely, in affiliation with the redistribution of BGP routes into the IGP. This
method is hardly acclimated by ISPs today, mainly because of the ample cardinal of routes that would be
injected into the IGP. However, application BGP accompany in affiliation with redistribution solves both
problems accompanying to the acquisition atramentous hole.
The key to compassionate BGP accompany is to apperceive that redistribution solves the acquisition black-hole
problem, and accompany solves the botheration of announcement a black-hole avenue to accession AS. For
example, to break the acquisition black-hole problem, R7 redistributes the two prefixes into RIP (from
Figure 11-7). R8 afresh has routes to those prefixes, analytic the black-hole problem.
Sync argumentation on R6 controls the added allotment of the all-embracing problem, acclimation the altitude under
which R6 advertises the prefixes to added eBGP aeon (like R1). Accompany works by controlling
whether a BGP table access can be advised “best”; accumulate in apperception that a avenue in the BGP table
Building the IP Acquisition Table 381
must be advised to be “best” afore it can be advertised to accession BGP peer. The BGP sync
logic controls that accommodation as follows:
Do not accede an iBGP avenue in the BGP table as “best” unless the exact
prefix was abstruse via an IGP and is currently in the acquisition table.
Sync argumentation about gives a router a adjustment to apperceive whether the non-BGP routers central the AS
should accept the adeptness to avenue packets to the prefix. Agenda that the avenue charge be IGP-learned
because a changeless avenue on R6 would not betoken annihilation about what added routers (like R8) might
or ability not accept learned. For example, application Amount 11-7 again, already R6 learns the prefixes via
RIP, RIP will abode the routes in its IP acquisition table. At that point, the accompany argumentation on R6 can
consider those aforementioned BGP-learned prefixes in the BGP table as candidates to be best routes. If
chosen as best, R6 can afresh acquaint the BGP routes to R1.
Example 11-13 shows the atramentous aperture occurring from R6’s perspective, with accompany disabled on R6
using the no synchronization BGP subcommand. Afterward that, the archetype shows R6’s
behavior already R7 has amorphous redistributing BGP routes into RIP, with accompany enabled on R6.
Example 11-13 Comparing the Atramentous Aperture (No Sync) and Band-aid (Sync)
! R6 has a “best” BGP avenue to 21.0.0.0/8 through R7 (7.7.7.7), but a trace
! command shows that the packets are alone by R8 (10.1.68.8).
R6# appearance ip bgp | activate Network
Network Abutting Hop Metric LocPrf Weight Path
* 21.0.0.0 172.16.16.1 0 123 45 i
*>i 7.7.7.7 0 100 0 45 i
* 22.2.2.0/24 172.16.16.1 0 123 45 i
*>i 7.7.7.7 0 100 0 45 i
R6# trace 21.1.1.5
Type escape arrangement to abort.
Tracing the avenue to 21.1.1.5
1 10.1.68.8 20 msec 20 msec 20 msec
2 10.1.68.8 !H * !H
! R7 is now configured to redistribute BGP into RIP.
R7# conf t
Enter agreement commands, one per line. End with CNTL/Z.
R7(config)# router rip
R7(config-router)# redist bgp 678 metric 3
! Next, R6 switches to use sync, and the BGP activity is cleared.
R6# conf t
Enter agreement commands, one per line. End with CNTL/Z.
R6(config)# router bgp 678
R6(config-router)# synchronization
R6(config-router)# ^Z
R6# bright ip bgp *
continues
382 Affiliate 11: BGP
Disabling Accompany and Application BGP on All Routers in an AS
A added adjustment to affected the black-hole affair is to artlessly use BGP to acquaint all the BGPlearned
prefixes to all routers in the AS. Because all routers apperceive the prefixes, accompany can be
disabled safely. The downside is the accession of BGP assimilate all routers, and the accession of iBGP
neighbor access amid anniversary brace of routers. (In an AS with N routers, N(N−1)/2 neighbor
connections will be required.) With ample free systems, BGP achievement and
convergence time can abase as a aftereffect of the ample cardinal of peers.
BGP needs the abounding cobweb of iBGP aeon central an AS because BGP does not acquaint iBGP routes
(routes abstruse from one iBGP peer) to accession iBGP peer. This added brake helps
prevent acquisition loops, but it afresh requires a abounding cobweb of iBGP peers—otherwise, alone a subset of
the iBGP aeon would apprentice anniversary prefix.
! R6’s BGP table entries now appearance “RIB-failure,” a cachet cipher that can mean
! (as of some 12.2T IOS releases) that the prefix is accepted via an IGP. 21.0.0.0/8
! is apparent to be included as a RIP avenue in R6’s acquisition table. Agenda additionally that R6
! considers the BGP routes through R7 as the “best” routes; these are still
! advertised to R1.
R6# appearance ip bgp
BGP table adaptation is 5, bounded router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Abutting Hop Metric LocPrf Weight Path
r 21.0.0.0 172.16.16.1 0 123 45 i
r>i 7.7.7.7 0 100 0 45 i
r 22.2.2.0/24 172.16.16.1 0 123 45 i
r>i 7.7.7.7 0 100 0 45 i
R6# appearance ip avenue | incl 21.0.0.0
R 21.0.0.0/8 [120/4] via 10.1.68.8, 00:00:15, Serial0/0.8
! R6 considers the routes through R7 as the “best” routes; these are still
! advertised to R1, alike admitting they are in a “RIB-failure” state.
R6# appearance ip bgp acquaintance 172.16.16.1 advertised-routes | activate Network
Network Abutting Hop Metric LocPrf Weight Path
r>i21.0.0.0 7.7.7.7 0 100 0 45 i
r>i22.2.2.0/24 7.7.7.7 0 100 0 45 i
NOTE Accompany includes an added odd claim aback OSPF is acclimated as the IGP. If the
OSPF RID of the router announcement the prefix is a altered cardinal than the BGP router
advertising that aforementioned prefix, afresh accompany still does not acquiesce BGP to accede the avenue to be
the best route. OSPF and BGP use the aforementioned priorities and argumentation to accept their RIDs; however,
when application sync, it makes faculty to absolutely configure the RID for OSPF and BGP to be the
same amount on the router that redistributes from BGP into OSPF.
Example 11-13 Comparing the Atramentous Aperture (No Sync) and Band-aid (Sync) (Continued)
Building the IP Acquisition Table 383
BGP offers two accoutrement (confederations and avenue reflectors) that abate the cardinal of peer
connections central an AS, anticipate loops, and acquiesce all routers to apprentice about all prefixes. These
two accoutrement are covered next.
Confederations
An AS application BGP confederations, as authentic in RFC 3065, separates anniversary router in the AS into
one of several amalgamation sub-autonomous systems (sub-autonomous systems). Aeon central the
same sub-AS are advised to be amalgamation iBGP peers, and routers in altered subautonomous
systems are advised to be amalgamation eBGP peers.
Confederations bear routes to all routers, afterwards a abounding cobweb of aeon central the absolute AS.
To do so, amalgamation eBGP associate access act like accurate eBGP aeon in some respects. In a
single sub-AS, the amalgamation iBGP aeon charge be absolutely meshed, because they act absolutely like
normal iBGP peers—in added words, they do not acquaint iBGP routes to anniversary other. However,
confederation eBGP aeon act like eBGP aeon in that they can acquaint iBGP routes learned
inside their amalgamation sub-AS into accession amalgamation sub-AS.
Confederations anticipate loops central a amalgamation AS by application the AS_PATH PA. BGP routers
in a amalgamation add the sub-autonomous systems into the AS_PATH as allotment of an AS_PATH
segment alleged the AS_CONFED _SEQ. (The AS_PATH consists of up to four different
components, alleged segments—AS_SEQ, AS_SET, AS_CONFED_ SEQ, and AS_CONFED_SET;
see the beforehand area blue-blooded “Manual Summaries and the AS_PATH Aisle Attribute” for more
information on AS_SEQ and AS_SET.)
Just as the AS_SEQ and AS_SET apparatus advice anticipate loops amid free systems,
AS_CONFED_SEQ and AS_CONFED_SET advice anticipate loops aural confederation
autonomous systems. Afore amalgamation eBGP aeon can acquaint an iBGP avenue into
another sub-AS, the router charge accomplish abiding the destination sub-AS is not already in the
AS_PATH AS_CONFED_SEQ segment. For example, in Amount 11-8, the routers in sub-ASN
65001 apprentice some routes and afresh acquaint those routes to sub-ASNs 65002 and 65003. Routers
in these two sub-ASNs acquaint the routes to anniversary other. However, they never re-advertise the
routes aback to routers in sub-ASN 65001 due to AS_CONFED_SEQ, as apparent in parentheses
inside the figure.
NOTE The agreement AS and sub-AS accredit to the abstraction of an free arrangement and subautonomous
system. ASN and sub-ASN accredit to the absolute AS numbers used.
384 Affiliate 11: BGP
Figure 11-8 AS_PATH Changes in a Confederation
Figure 11-8 depicts a abundant example, with the accomplish in the afterward account analogous the steps
outlined in circled numbers in the figure:
1. 21.0.0.0/8 is injected by R45 and advertised via eBGP to AS 123. This avenue has an AS_PATH
of 45.
2. R3 advertises the prefix via its two iBGP connections; however, due to iBGP rules central the
sub-AS, R1 and R2 do not attack to acquaint this prefix to anniversary other.
3. Routers in sub-AS 65001 use eBGP-like argumentation to acquaint 21.0.0.0/8 to their confederation
eBGP peers, but aboriginal they inject their own sub-AS into the AS_PATH AS_CONFED_SEQ
segment. (This allotment of the AS_PATH is displayed central parentheses in the achievement of the show
ip bgp command, as apparent in the figure.)
4. The aforementioned activity as in Footfall 2 occurs in the added two sub-autonomous systems, respectively.
5. R6 and R9 acquaint the avenue to anniversary added afterwards abacus their corresponding ASNs to the
AS_CONFED_SEQ.
6. R9 advertises the prefix via a accurate eBGP affiliation afterwards removing the sub-AS allocation of the
AS_PATH.
1
3
5
6
R2 Sub-ASN 65001
R1
R3
2
Sub-ASN 65003
ASN 123
ASN 45
ASN 678
R7
R9
R8
Sub-ASN 65002
21.0.0.0/8
AS_PATH: (65001) 45 3 21.0.0.0/8
AS_PATH: (65001) 45
Update: 21.0.0.0/8
AS_PATH 45
21.0.0.0/8
AS_PATH: 123 45
21.0.0.0/8
AS_PATH: (65003 65001) 45
R4
R6
4 R5 4
5 21.0.0.0/8
AS_PATH: (65002 65001) 45
R77
R45
Building the IP Acquisition Table 385
By the end of these steps, all the routers central ASN 123 accept abstruse of the 21.0.0.0/8 prefix.
Also, ASN 678 (R77 in this case) abstruse of a avenue for that aforementioned prefix—a avenue that would work
and would not accept the black-hole effect. In fact, from ASN 678’s perspective, it sees a avenue that
appears to be through ASNs 123 and 45. Additionally agenda that routers in sub-AS 65002 and 65003 will
not acquaint the prefix aback into sub-AS 65001 because AS 65001 is already in the confederation
AS_PATH.
The best of ethics for sub-ASNs 65001, 65002, and 65003 is not casual in this case. ASNs
64512 through 65535 are clandestine ASNs, meant for use in cases area the ASN will not be
advertised to the Internet or added free systems. By application clandestine ASNs, a confederation
can hopefully abstain the afterward blazon of problem. Imagine that sub-AS 65003 instead used
ASN 45. The AS_PATH bend analysis examines the absolute AS_PATH. As a result, the prefixes shown
in Amount 11-8 would never be advertised to sub-AS 45, and in about-face would not be advertised to
ASN 678. Application clandestine ASNs would anticipate this problem.
The afterward account summarizes the key credibility apropos confederations:
■ Central a sub-AS, abounding cobweb is required, because abounding iBGP rules are in effect.
■ The amalgamation eBGP access act like accustomed eBGP access in that iBGP routes
are advertised—as continued as the AS_PATH implies that such an advertisement would not cause
a loop.
■ Amalgamation eBGP access additionally act like accustomed eBGP access apropos Time to
Live (TTL), because all packets use a TTL of 1 by default. (TTL can be afflicted with the
neighbor ebgp-multihop command.)
■ Amalgamation eBGP access act like iBGP access in every added regard—for
example, the NEXT_HOP is not afflicted by default.
■ Amalgamation ASNs are not advised allotment of the breadth of the AS_PATH aback a router
chooses the best routes based on the beeline AS_PATH.
■ Amalgamation routers abolish the amalgamation ASNs from the AS_PATH in Updates sent
outside the confederation; therefore, added routers do not apperceive that a amalgamation was used.
Configuring Confederations
Configuring confederations requires alone a few added commands above those already
covered in this chapter. However, brief to use confederations can be absolutely painful. The
problem is that the accurate ASN will no best be configured on the router bgp command, but instead
on the bgp amalgamation identifier BGP subcommand. So, BGP will artlessly be out of account on
one or added routers while the clearing occurs. Table 11-10 lists the key confederation
commands, and their purpose.
386 Affiliate 11: BGP
Example 11-14 shows a simple agreement for the cartography in Amount 11-9.
Figure 11-9 Internetwork Cartography with Confederations in ASN 123
In this internetwork topology, R1 is in sub-AS 65001, with R2 and R3 in sub-AS 65023. In this
case, R1 and R3 will not be neighbors. The afterward account outlines the arrangement of contest to
propagate a prefix:
1. R3 will apprentice prefix 21.0.0.0/8 via eBGP from AS 45 (R4).
2. R3 will acquaint the prefix via iBGP to R2.
3. R2 will acquaint the prefix via amalgamation eBGP to R1.
Table 11-10 BGP Subcommands Acclimated for Confederations
Purpose Command
Define a router’s sub-AS router bgp sub-as
Define the accurate AS bgp amalgamation identifier asn
To analyze a adjoining AS as accession sub-AS bgp amalgamation aeon sub-asn
Example 11-14 Amalgamation Central AS 123
! R1 Configuration. Agenda the sub-AS in the router bgp command, and the accurate AS in
! the bgp amalgamation identifier command. Additionally agenda the acquaintance ebgp-multihop
! command for amalgamation eBGP associate R2, as they are application loopbacks. Also, sync
10.1.23.2
10.1.12.2
10.1.23.3
10.1.12.1
EBGP
10.1.34.4
10.1.134.4
10.1.34.3
10.1.134.3
172.16.16.6
172.16.16.1
ASN 678
ASN 45
Confederation:
ASN 123
Confed-AS
65023
Confed-AS
65001
EBGP
2
3
1 Update: 21.0.0.0/8
AS_PATH 45
R3 R4
R1 R6
R2
Building the IP Acquisition Table 387
! is not bare now that the amalgamation has been created.
router bgp 65001
no synchronization
bgp router-id 111.111.111.111
bgp amalgamation identifier 123
bgp amalgamation aeon 65023
neighbor 2.2.2.2 remote-as 65023
neighbor 2.2.2.2 ebgp-multihop 2
neighbor 2.2.2.2 update-source Loopback1
neighbor 2.2.2.2 next-hop-self
neighbor 172.16.16.6 remote-as 678
! R2 Configuration. Agenda the bgp amalgamation aeon 65023 command. Afterwards it,
! R2 would anticipate that acquaintance 1.1.1.1 was a accurate eBGP connection, and remove
! the amalgamation AS_PATH entries afore announcement to R1.
router bgp 65023
no synchronization
bgp amalgamation identifier 123
bgp amalgamation aeon 65001
neighbor 1.1.1.1 remote-as 65001
neighbor 1.1.1.1 ebgp-multihop 2
neighbor 1.1.1.1 update-source Loopback1
neighbor 3.3.3.3 remote-as 65023
neighbor 3.3.3.3 update-source Loopback1
! R3 Configuration. Agenda that R3 does not charge a bgp amalgamation aeon command,
! as it does not accept any amalgamation eBGP peers.
router bgp 65023
no synchronization
bgp log-neighbor-changes
bgp amalgamation identifier 123
neighbor 2.2.2.2 remote-as 65023
neighbor 2.2.2.2 update-source Loopback1
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 remote-as 45
neighbor 4.4.4.4 ebgp-multihop 2
neighbor 4.4.4.4 update-source Loopback1
! R1 has accustomed the 21.0.0.0/8 prefix, with sub-AS 65023 apparent in parentheses,
! and accurate AS 45 apparent alfresco the parentheses. R1 has additionally abstruse the same
! prefix via AS 678 and R6. The avenue through the sub-AS is best because it is the
! beeline AS_PATH; the beeline AS_PATH argumentation ignores the amalgamation sub-autonmous systems.
R1# appearance ip bgp | activate Network
Network Abutting Hop Metric LocPrf Weight Path
*> 21.0.0.0 3.3.3.3 0 100 0 (65023) 45 i
* 172.16.16.6 0 678 45 i
*> 22.2.2.0/24 3.3.3.3 0 100 0 (65023) 45 i
* 172.16.16.6 0 678 45 i
continues
Example 11-14 Amalgamation Central AS 123 (Continued)
388 Affiliate 11: BGP
Route Reflectors
Route reflectors (RRs) accomplish the aforementioned aftereffect as confederations—they abolish the charge for a full
mesh of iBGP peers, acquiesce all iBGP routes to be abstruse by all iBGP routers in the AS, and prevent
loops. In an iBGP architecture application RRs, a fractional cobweb of iBGP aeon is defined. Some routers are
configured as RR servers; these servers are accustomed to apprentice iBGP routes from their audience and
then acquaint them to added iBGP peers. The archetype in Amount 11-10 shows the key agreement and
some of the amount argumentation acclimated by an RR; agenda that alone the RR server itself uses altered logic, with
clients and nonclients acting as accustomed iBGP peers.
Figure 11-10 Basic Flow Application a Distinct RR, Four Clients, and Two Nonclients
! R6 shows its accustomed amend from R1, assuming the removed sub-AS, and the
! admittance of the accurate AS, AS 123.
R6# appearance ip bgp acquaintance 172.16.16.1 received-routes | activate Network
Network Abutting Hop Metric LocPrf Weight Path
r 21.0.0.0 172.16.16.1 0 123 45 i
r 22.2.2.0/24 172.16.16.1 0 123 45 i
Example 11-14 Amalgamation Central AS 123 (Continued)
R2
R1 R3 R77
R11 R12 R13 R14
R6
11.0.0.0/8
Non-Client
Non-Client
ASN 123
ASN 199
ASN 111
RR
Cluster
RR
Server
Clients
EBGP
EBGP
1
2
3
4
4
5
Building the IP Acquisition Table 389
Figure 11-10 shows how prefix 11.0.0.0/8 is broadcast through the AS, application the afterward steps:
1. R11 learns 11.0.0.0/8 application eBGP.
2. R11 uses accustomed iBGP rules and sends an Amend to R1.
3. R1 reflects the routes by sending Updates to all added clients.
4. R1 additionally reflects the routes to all non-clients.
5. Nonclients use non-RR rules, sending an Amend over eBGP to R77.
Only the router acting as the RR uses adapted rules; the added routers (clients and non-clients) are
not alike acquainted of the RR, nor do they change their operating rules. Table 11-11 summarizes the
rules for RR operation, which alter based on from what blazon of BGP associate the RR receives the
prefix. The table lists the sources from which a prefix can be learned, and the types of added routers
to which the RR will reflect the prefix information.
The one case in which the RR does not reflect routes is aback the RR receives a avenue from a
nonclient, with the RR not absorption that avenue to added nonclients. The angle abaft that
logic is that RRs act like accustomed iBGP aeon with nonclients and with eBGP neighbors—in other
words, the RR does not advanced iBGP-learned routes to added nonclient iBGP peers. The
difference in how the RR behaves relates to aback a applicant sends the RR a prefix, or aback the RR
decides to reflect a prefix to the clients.
One (or more) RR servers, and their clients, actualize a distinct RR cluster. A BGP architecture application RRs
can abide of:
■ Clusters with assorted RRs in a cluster
■ Assorted clusters, although application assorted clusters makes faculty alone aback physical
redundancy exists as well.
With assorted clusters, at atomic one RR from a array charge be peered with at atomic one RR in each
of the added clusters. Typically, all RRs are peered directly, creating a abounding cobweb of RR iBGP peers
among RRs. Also, if some routers are nonclients, they should be included in the abounding cobweb of RRs.
Table 11-11 Types of Neighbors to Which Prefixes Are Reflected
Location from Which a
Prefix Is Learned
Are Routes Advertised to
Clients?
Are Routes Advertised to
Non-clients?
Client Yes Yes
Non-client Yes No
eBGP Yes Yes
-
390 Affiliate 11: BGP
Figure 11-11 shows the concept, with anniversary RR absolutely meshed with the added RRs in added clusters,
as able-bodied as with the nonclient.
Figure 11-11 Assorted RR Clusters with Abounding Cobweb Among RRs and Nonclients
If you accede the argumentation arbitrary in Table 11-11 compared to Amount 11-11, it appears that routing
loops are not alone accessible but apparent with this design. However, the RR affection uses several
tools to anticipate loops, as follows:
■ CLUSTER_LIST—RRs add their array ID into a BGP PA alleged the CLUSTER_LIST
before sending an Update. Aback accepting a BGP Update, RRs abandon accustomed prefixes for
which their array ID already appears. As with AS_PATH for confederations, this prevents
RRs from looping advertisements amid clusters.
■ ORIGINATOR_ID—This PA lists the RID of the aboriginal iBGP associate to acquaint the avenue into
the AS. If a router sees its own BGP ID as the ORIGINATOR_ID in a accustomed route, it does
not use or bear the route.
■ Alone acquaint the best routes—RRs reflect routes alone if the RR considers the avenue to be
a “best” avenue in its own BGP table. This added banned the routes reflected by the RR. (It also
has a absolute aftereffect compared with confederations in that an boilerplate router sees fewer,
typically useless, bombastic routes.)
R1
R2
RR
Server
RR Array 1
RR Array 3
RR Array 2
RR
Server
Clients
R4
Non-Client
RR
Server
Clients
R3
RR
Server
Clients
Building the IP Acquisition Table 391
Example 11-15 shows a simple archetype of application RRs. Amount 11-12 shows the adapted AS 123
from the arrangement of Amount 11-4, now with four routers. The architecture uses two clusters, with two
RRs (R9 and R2) and two audience (R1 and R3). The afterward account outlines the arrangement of events
to bear a prefix, as apparent in Amount 11-12:
1. R3 learns prefix 21.0.0.0/8 via eBGP from AS 45 (R4).
2. R3 advertises the prefix via iBGP to R2 application accustomed logic.
3. R2, an RR, accepting a prefix from an RR client, reflects the avenue via iBGP to R9—a
nonclient as far as R2 is concerned.
4. R9, an RR, accepting an iBGP avenue from a nonclient, reflects the avenue to R1, its RR client.
Figure 11-12 Adapted AS 123 Acclimated in RR Archetype 11-15
Example 11-15 RR Agreement for AS 123, Two RRs, and Two Clients
! R3 Configuration. The RR applicant has no apparent signs of actuality a client; the
! activity is absolutely hidden from all routers except RRs. Also, do not forget
! that one of the capital motivations for application RRs is to acquiesce accompany to be disabled.
router bgp 123
no synchronization
neighbor 2.2.2.2 remote-as 123
continues
EBGP
1
R2 R3
RR Applicant R4
RR Client
IBGP
IBGP
Cluster-ID 1
ASN 123
2
21.0.0.0/8
3
4
R9 R1
IBGP
Cluster-ID 2
392 Affiliate 11: BGP
neighbor 2.2.2.2 update-source Loopback1
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 remote-as 45
neighbor 4.4.4.4 ebgp-multihop 255
neighbor 4.4.4.4 update-source Loopback1
! R2 Configuration. The array ID would absence to R2’s BGP RID, but it has been
! manually set to “1,” which will be listed as “0.0.0.1” in command output. R2
! designates 3.3.3.3 (R3) as a client.
router bgp 123
no synchronization
bgp cluster-id 1
neighbor 3.3.3.3 remote-as 123
neighbor 3.3.3.3 update-source Loopback1
neighbor 3.3.3.3 route-reflector-client
neighbor 9.9.9.9 remote-as 123
neighbor 9.9.9.9 update-source Loopback1
! R9 Configuration. The agreement is agnate to R2, but with a different
! array ID.
router bgp 123
no synchronization
bgp router-id 9.9.9.9
bgp cluster-id 2
neighbor 1.1.1.1 remote-as 123
neighbor 1.1.1.1 update-source Loopback2
neighbor 1.1.1.1 route-reflector-client
neighbor 2.2.2.2 remote-as 123
neighbor 2.2.2.2 update-source Loopback2
no auto-summary
! The R1 agreement is omitted, as it contains no specific RR configuration,
! as is the case with all RR clients.
! The 21.0.0.0/8 prefix has been abstruse by R3, forwarded over iBGP as accustomed to
! R2. Then, R2 reflected the prefix to its alone added peer, R9. The appearance ip bgp
! 21.0.0.0 command shows the accepted AS_PATH (45); the iBGP artist of the
! avenue (3.3.3.3), and the iBGP acquaintance from which it was abstruse (“from
! 2.2.2.2”); and the array list, which currently has R2’s array (0.0.0.1).
! The abutting achievement is from R9.
R9# appearance ip bgp 21.0.0.0
BGP acquisition table access for 21.0.0.0/8, adaptation 3
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Flag: 0x820
Advertised to update-groups:
2
45
3.3.3.3 (metric 2300416) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 3.3.3.3, Array list: 0.0.0.1
Example 11-15 RR Agreement for AS 123, Two RRs, and Two Audience (Continued)
Building the IP Acquisition Table 393
! RR R9 reflected the prefix to its applicant (R1), as apparent next. Agenda the changes
! compared to R9’s output, with iBGP avenue actuality abstruse from R9 (“from 9.9.9.9”),
! and the array account now including array 0.0.0.2, as added by R9.
R1# sho ip bgp 21.0.0.0
BGP acquisition table access for 21.0.0.0/8, adaptation 20
Paths: (1 available, best #1, table Default-IP-Routing-Table)
Not advertised to any peer
45
3.3.3.3 (metric 2302976) from 9.9.9.9 (9.9.9.9)
Origin IGP, metric 0, localpref 100, valid, internal, best
Originator: 3.3.3.3, Array list: 0.0.0.2, 0.0.0.1
Example 11-15 RR Agreement for AS 123, Two RRs, and Two Audience (Continued)